# -*- coding: utf-8 -*-

import json
import br.utils
from br.systemd import Proxy

# 禁止高危漏洞服务

# Bluetooth服务
BLUETOOTH_SERVICE = "bluetooth"
# cups 服务
CUPS_SERVICE = "cups"
# avahi-daemon 服务
AVAHI_SERVICE = "avahi-daemon"
# rpcbind 服务
RPCBIND_SERVICE = "rpcbind"
# smb 服务
SMB_SERVICE = "smb"


class VulnerabilitySysctl(object):
    def __init__(self):
        self.bluetooth_proxy = br.systemd.Proxy(BLUETOOTH_SERVICE)
        self.cups_proxy = br.systemd.Proxy(CUPS_SERVICE)
        self.avahi_proxy = br.systemd.Proxy(AVAHI_SERVICE)
        self.rpcbind_proxy = br.systemd.Proxy(RPCBIND_SERVICE)
        self.smb_proxy = br.systemd.Proxy(SMB_SERVICE)

    def set_bluetooth_service(self, arg):
        if not self.bluetooth_proxy.exist():
            return True
        if arg:
            self.bluetooth_proxy.enable()
            self.bluetooth_proxy.restart()
        else:
            if self.bluetooth_proxy.stop():
                return False
            self.bluetooth_proxy.disable()
        return True

    def set_cups_service(self, arg):
        if not self.cups_proxy.exist():
            return True
        if arg:
            self.cups_proxy.enable()
            self.cups_proxy.restart()
        else:
            if self.cups_proxy.stop():
                return False
            self.cups_proxy.disable()
        return True

    def set_avahi_service(self, arg):
        if not self.avahi_proxy.exist():
            return True
        if arg:
            # avahi-daemon服务需要将socket一起开启
            if br.utils.subprocess_has_output('systemctl list-unit-files | grep avahi-daemon.socket | wc -l') == '1':
                br.utils.subprocess_not_output(
                    'systemctl enable avahi-daemon.socket && systemctl enable avahi-daemon.service')
                br.utils.subprocess_not_output(
                    'systemctl restart avahi-daemon.socket && systemctl restart avahi-daemon.service')
            else:
                self.avahi_proxy.enable()
                self.avahi_proxy.restart()
        else:
            # avahi-daemon服务需要将socket一起关闭
            if br.utils.subprocess_has_output('systemctl list-unit-files | grep avahi-daemon.socket | wc -l') == '1':
                br.utils.subprocess_not_output(
                    'systemctl disable avahi-daemon.socket && systemctl disable avahi-daemon.service')
                br.utils.subprocess_not_output(
                    'systemctl stop avahi-daemon.socket && systemctl stop avahi-daemon.service')
            else:
                if self.avahi_proxy.stop():
                    return False
                self.avahi_proxy.disable()
        return True

    def set_rpcbind_service(self, arg):
        if not self.rpcbind_proxy.exist():
            return True
        if arg:
            self.rpcbind_proxy.enable()
            self.rpcbind_proxy.restart()
        else:
            if self.rpcbind_proxy.stop():
                return False
            self.rpcbind_proxy.disable()
        return True

    def set_smb_service(self, arg):
        if not self.smb_proxy.exist():
            return True
        if arg:
            self.smb_proxy.enable()
            self.smb_proxy.restart()
        else:
            if self.smb_proxy.stop():
                return False
            self.smb_proxy.disable()
        return True

    def get(self):
        retdata = dict()
        # 都为非活跃状态才为符合
        retdata[BLUETOOTH_SERVICE] = self.bluetooth_proxy.is_active()
        retdata[CUPS_SERVICE] = self.cups_proxy.is_active()
        retdata[AVAHI_SERVICE] = self.avahi_proxy.is_active()
        retdata[RPCBIND_SERVICE] = self.rpcbind_proxy.is_active()
        retdata[SMB_SERVICE] = self.smb_proxy.is_active()

        return (True, json.dumps(retdata))

    def set(self, args_json):
        args = json.loads(args_json)

        # 也可以不用捕获异常，后台框架会对异常进行处理
        try:
            if not self.set_bluetooth_service(args[BLUETOOTH_SERVICE]):
                return (False, "Unable to stop bluetooth service!")
            if not self.set_cups_service(args[CUPS_SERVICE]):
                return (False, "Unable to stop cups service!")
            if not self.set_avahi_service(args[AVAHI_SERVICE]):
                return (False, "Unable to stop avahi service!")
            if not self.set_rpcbind_service(args[RPCBIND_SERVICE]):
                return (False, "Unable to stop rpcbind service!")
            if not self.set_smb_service(args[SMB_SERVICE]):
                return (False, "Unable to stop smb service!")
            return (True, '')
        except Exception as e:
            br.log.error(str(e))
            return (False, "Abnormal service! Please check the log information for details.")
